January 13, 2019

Security Witnesses for Compiler Transformations

  • Namjoshi K.
  • Tabajara L.

Compiler optimizations can be correct and yet be insecure. Program changes made during optimization may weaken security guarantees -- for instance, by introducing new ways to leak secret data. This work presents a methodology for ensuring that security properties are preserved during compilation. Properties are expressed as automata operating over a bundle of related program traces. A notion of automaton-based program refinement guarantees that the associated security property is preserved. In practice, such refinement relations can be generated by a compiler as it optimizes a source program, and validated with an independent refinement checker. This process formally establishes the security of every source-to-target transformation without, however, requiring a proof of correctness of the compiler implementation itself.

Recent Publications

January 01, 2019

Friendly, appealing or both? Characterising user experience in sponsored search landing pages

  • Bron M.
  • Chute M.
  • Evans H.
  • Lalmas M.
  • Redi M.
  • Silvestri F.

© 2017 International World Wide Web Conference Committee (IW3C2), published under Creative Commons CC BY 4.0 License. Many of today's websites have recognised the importance of mobile friendly pages to keep users engaged and to provide a satisfying user experience. However, next to the experience provided by the sites themselves, ...

January 01, 2019

Analyzing uber's ride-sharing economy

  • Aiello L.
  • Djuric N.
  • Grbovic M.
  • Kooti F.
  • Lerman K.
  • Radosavljevic V.

© 2017 International World Wide Web Conference Committee (IW3C2), published under Creative Commons CC BY 4.0 License. Uber is a popular ride-sharing application that matches people who need a ride (or riders) with drivers who are willing to provide it using their personal vehicles. Despite its growing popularity, there exist ...

January 01, 2019

The paradigm-shift of social spambots: Evidence, theories, and tools for the arms race

  • Cresci S.
  • Petrocchi M.
  • Pietro R.
  • Spognardi A.
  • Tesconi M.

© 2017 International World Wide Web Conference Committee (IW3C2), published under Creative Commons CC BY 4.0 License. Recent studies in social media spam and automation provide anecdotal argumentation of the rise of a new generation of spambots, so-called social spambots. Here, for the first time, we extensively study this novel ...